일 | 월 | 화 | 수 | 목 | 금 | 토 |
---|---|---|---|---|---|---|
1 | 2 | 3 | 4 | 5 | 6 | |
7 | 8 | 9 | 10 | 11 | 12 | 13 |
14 | 15 | 16 | 17 | 18 | 19 | 20 |
21 | 22 | 23 | 24 | 25 | 26 | 27 |
28 | 29 | 30 |
- schema registry
- Logstash
- 플레이 프레임워크
- Slick
- scala 2.10
- gradle
- scala
- Kafka
- spring-batch
- Spring
- spring-kafka
- coursera
- Elk
- reactive
- kafka interactive query
- RabbitMQ
- confluent
- Elasticsearch
- 카프카
- avo
- enablekafkastreams
- kafka streams
- 한빛미디어
- kafkastreams
- springboot
- play framework
- statestore
- kafkastream
- aws
- spring-cloud-stream
- Today
- Total
b
spring security oauth2 에서 access token의 저장 본문
Spring Security OAuth2 인증 순서.
1. https://localhost:8443/login 으로 로그인을 하려고 하면 security의 `anyRequest().authenticated()` 코드에 의해 인증이 필요한것으로 파악하여 302응답이 돌아온다.
Status Code : 302
Location: https://www.facebook.com/dialog/oauth?client_id=394182450695217&redirect_uri=https://localhost:8443/login&response_type=code&state=X6kWlA
해당 Server Log
2019-04-11 15:17:37.327 DEBUG 52044 --- [nio-8443-exec-6] o.s.security.web.FilterChainProxy : /login at position 2 of 12 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2019-04-11 15:17:37.327 DEBUG 52044 --- [nio-8443-exec-6] w.c.HttpSessionSecurityContextRepository : HttpSession returned null object for SPRING_SECURITY_CONTEXT
2019-04-11 15:17:37.327 DEBUG 52044 --- [nio-8443-exec-6] w.c.HttpSessionSecurityContextRepository : No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@16504e11. A new one will be created.
2019-04-11 15:17:37.327 DEBUG 52044 --- [nio-8443-exec-6] o.s.security.web.FilterChainProxy : /login at position 6 of 12 in additional filter chain; firing Filter: 'OAuth2ClientAuthenticationProcessingFilter'
2019-04-11 15:17:37.327 DEBUG 52044 --- [nio-8443-exec-6] o.s.s.w.u.matcher.AntPathRequestMatcher : Checking match of request : '/login'; against '/login'
2019-04-11 15:17:37.327 DEBUG 52044 --- [nio-8443-exec-6] uth2ClientAuthenticationProcessingFilter : Request is to process authentication
2019-04-11 15:17:37.329 DEBUG 52044 --- [nio-8443-exec-6] w.c.HttpSessionSecurityContextRepository : SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2019-04-11 15:17:37.329 DEBUG 52044 --- [nio-8443-exec-6] s.s.w.c.SecurityContextPersistenceFilter : SecurityContextHolder now cleared, as request processing completed
2019-04-11 15:17:37.329 DEBUG 52044 --- [nio-8443-exec-6] o.s.s.web.DefaultRedirectStrategy : Redirecting to 'https://www.facebook.com/dialog/oauth?client_id=394182450695217&redirect_uri=https://localhost:8443/login&response_type=code&state=X6kWlA'
2. 해당 링크에서 다시 한번 페이스북 로그인을 요청하기 위해 302:redirect를 한다.
https://www.facebook.com/login.php?skip_api_login .. 이때 cancel_url 과 redirect_url 파라미터를 추가로 붙인다. 거기서 성공하면 다시 한번 https://www.facebook.com/dialog/oauth 를 호출하게 되고 302응답과 함께 code 값을 받아온다.
해당 값으로 access token을 얻기 위해 호출한다. -> https://git.io/fjqur 에서 OAuth2RestTeamplte 를 이용해서 access token을 얻어온다는 https://git.io/fjquP 에서 context에 저장한다.